Top executives face personal malware threat

Hackers have targeted 500 key business executives in what is believed to be the first mass-targeted malware attack, according to security vendor MessageLabs.

Targeted attacks aim to bypass security measures by individually addressing emails, which often contain zero-day exploits.

On 26 June, MessageLabs intercepted more than 500 individual email attacks targeted at individuals in senior management positions in a variety of organisations around the world. Normally MessageLabs sees approximately 10 targeted attacks per 200 million emails per day, said Mark Sunner, MessageLabs' chief security analyst.

The malicious emails contain the name and job title of the victim in the subject line. The vertical sector most targeted was banking and finance, with chief investment officers being targeted in 30 percent of the attacks, according to Sunner. However, other verticals were also targeted. Eleven percent of the intended victims were chief executive officers, while six percent were chief finance officers.

Sunner said that the executives being targeted were perhaps "not that tech savvy". In the attacks, an executable file was embedded in a Word document. If the victim opened the document and clicked on a link, the file would have run a data-stealing Trojan that relied on creating buffer overflow conditions in Office documents.

MessageLabs said it did not know who had perpetrated the attack. "It's a certainty that some executives were compromised," said Sunner.

The intended victims' PAs, spouses and relatives were also targeted by name, in attempt to infect other computers related to the victim. The intent was to indirectly gain access to confidential correspondence and intellectual property relating to the target, said MessageLabs.

Sunner said he suspected the hackers harvested the information using search and social-networking sites. "Someone somewhere has really done their homework," said Sunner.